PreparedStatement and Statement of JDBC

Source: Internet
Author: User
Tags sql injection stmt

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Date;

public class StatmentExample {

    public static void main(String[] args) throws Exception {
        mysqlConnection3();
    }

    // Insert a row with a plain Statement and read back the auto-increment ID.
    public static void mysqlConnection1() throws Exception {
        Class.forName("com.mysql.jdbc.Driver"); // load the MySQL driver
        String url = "jdbc:mysql://localhost/test?useUnicode=true&characterEncoding=utf-8&autoReconnect=true";
        String user = "root";
        String password = "123456";

        // try-with-resources closes every resource, even when an exception is thrown.
        try (Connection conn = DriverManager.getConnection(url, user, password);
             Statement stmt = conn.createStatement()) {
            stmt.executeUpdate("INSERT INTO dept (deptname) VALUES ('marketing department')",
                    Statement.RETURN_GENERATED_KEYS);
            // MySQL method to get the value of the auto-increment ID
            try (ResultSet rs = stmt.getGeneratedKeys()) {
                if (rs.next()) {
                    System.out.println(rs.getInt(1));
                }
            }
        }
    }

    // It is recommended to always replace Statement with PreparedStatement:
    // 1. The code is a few lines longer, but readability and maintainability improve.
    // 2. It prevents SQL injection and improves security: the contents of the placeholder
    //    are escaped, so ['w' or '1' = '1'] is escaped to [\'w\' or \'1\' = \'1\'].
    // 3. Although precompilation takes time, the compiled SQL is cached and does not need
    //    to be compiled again the next time it is called, which improves performance.
    public static void mysqlConnection2() throws Exception {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://localhost/test?useUnicode=true&characterEncoding=utf-8&autoReconnect=true";
        String user = "root";
        String password = "123456";
        // The dept table has the fields deptno and deptname.
        String sql2 = "SELECT deptno, deptname FROM dept WHERE deptno = ?";

        // Don't close only conn: that frees the resources on the database side, but the
        // connection resources held by the operating system on the Java side are not
        // released immediately. Here rs2, perstmt2 and conn are all closed, in that order.
        try (Connection conn = DriverManager.getConnection(url, user, password);
             PreparedStatement perstmt2 = conn.prepareStatement(sql2)) {
            perstmt2.setInt(1, 11);
            try (ResultSet rs2 = perstmt2.executeQuery()) {
                while (rs2.next()) {
                    System.out.print(rs2.getInt("deptno") + " ");
                    System.out.println(rs2.getString("deptname"));
                }
            }
        }
    }

    // Use PreparedStatement's addBatch() method to send multiple SQL statements
    // to the database at once.
    public static void mysqlConnection3() throws Exception {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://localhost/test?useUnicode=true&characterEncoding=utf-8&autoReconnect=true";
        String user = "root";
        String password = "123456";

        try (Connection conn = DriverManager.getConnection(url, user, password);
             PreparedStatement perstmt2 =
                     conn.prepareStatement("INSERT INTO dept (deptname) VALUES (?)")) {
            System.out.println((new Date()).getTime()); // start time in milliseconds
            for (int n = 0; n < 1000; n++) {
                perstmt2.setString(1, "Ministry of Information" + n);
                perstmt2.addBatch();
            }
            perstmt2.executeBatch();
            System.out.println((new Date()).getTime()); // end time in milliseconds
        }
    }
}
```
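The injection case named in comment 2 of the listing, as an added example that is not part of the original page: the same lookup on the dept table written once with string concatenation and once with a placeholder, fed the string from that comment. The class name DeptLookupDemo, its methods and the lookup by deptname are assumptions; the database, table and credentials are the ones the listing uses.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class DeptLookupDemo {
    // Constructed input: the string from the listing's comment, as a form field might deliver it.
    static final String INPUT = "w' or '1' = '1";

    // Before: the value is concatenated into the SQL text, so its quotes become
    // part of the statement and the WHERE clause is true for every row.
    static int countConcatenated(Connection conn, String name) throws SQLException {
        String sql = "SELECT deptno, deptname FROM dept WHERE deptname = '" + name + "'";
        try (Statement stmt = conn.createStatement();
             ResultSet rs = stmt.executeQuery(sql)) {
            return countRows(rs);
        }
    }

    // After: the value is bound to the placeholder and only ever compared as data,
    // so it matches nothing unless a department has exactly that name.
    static int countBound(Connection conn, String name) throws SQLException {
        String sql = "SELECT deptno, deptname FROM dept WHERE deptname = ?";
        try (PreparedStatement ps = conn.prepareStatement(sql)) {
            ps.setString(1, name);
            try (ResultSet rs = ps.executeQuery()) {
                return countRows(rs);
            }
        }
    }

    static int countRows(ResultSet rs) throws SQLException {
        int rows = 0;
        while (rs.next()) rows++;
        return rows;
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the local MySQL test database and credentials used in the listing.
        String url = "jdbc:mysql://localhost/test?useUnicode=true&characterEncoding=utf-8";
        try (Connection conn = DriverManager.getConnection(url, "root", "123456")) {
            System.out.println("Statement + concatenation: " + countConcatenated(conn, INPUT) + " rows");
            System.out.println("PreparedStatement:         " + countBound(conn, INPUT) + " rows");
        }
    }
}
```

With rows in dept, the first count equals the size of the table and the second is 0, which is the difference comment 2 describes.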
